piped (pronounced "ess-pipe-dee") is a utility for creating 
symmetrically encrypted and authenticated pipes between socket 
addresses, so that one may connect to one address (e.g., a UNIX socket 
on localhost) and transparently have a connection established to 
another address (e.g., a UNIX socket on a different system). This is 
similar to 'ssh -L' functionality, but does not use SSH and requires a 
pre-shared symmetric key.

Spiped uses strong and well-understood cryptographic components: The 
initial key negotiation is performed using HMAC-SHA256 and an 
authenticated Diffie-Hellman key exchange over the standard 2048-bit 
"group 14"; following the completion of key negotiation, packets are 
transmitted encrypted with AES-256 in CTR mode and authenticated using 
HMAC-SHA256. The simplicity of the code — about 6000 lines of C code 
in total, of which under 2000 are specific to spiped (the rest is 
library code originating from kivaloo and Tarsnap) — makes it unlikely 
that spiped has any security vulnerabilities.

On the author's 2.5 GHz Intel Core 2 laptop, spiped operates at 
approximately 300 Mbps.
